source: branches/samba-3.3.x/docs-xml/Samba4-HOWTO/protocol.xml

Last change on this file was 217, checked in by Herwig Bauernfeind, 16 years ago

Import Samba 3.3 branch at 3.3.0 level docs-xml (psmedley's port)
File size: 7.4 KB
RevLine 
[217]1<chapter id="protocol">
2 <title>The SMB/CIFS protocol</title>
3
4 <!--
5 Some parts shamelessly borrowed from myself.
6 Original on http://jelmer.vernstok.nl/publications/cifs-developments.pdf
7 -->
8
9 <para>
10 "SMB" (also known as "CIFS") is a
11 file-sharing protocol that has been used since the mid-eighties.
12 Most people know SMB as the protocol behind the "Network Neighbourhood"
13 and remote printing in Windows.
14 </para>
15
16 <para>
17 Several parts of the protocol are not discussed in this chapter, such
18 as mailslots, browsing and dfs, to prevent it from getting too complex.
19 CIFS internals are documented in detail in <citation>Hertel, 2003</citation>.
20 </para>
21
22
23 <sect1>
24 <title>History</title>
25
26 <sect2>
27 <title>Invention by IBM</title>
28
29 <para>
30 SMB is not very old, but it has a long history of modifications and extensions.
31 The original protocol was meant to run over ``NetBIOS'', which was the
32 name of the DOS interface to a very simple LAN system developed by IBM.
33 NetBIOS was developed because SNA, IBM's other main
34 protocol at the time, was much too advanced for use in DOS.
35 </para>
36
37 <para>
38 The NetBIOS API in these days (early eighties) was nothing more then the
39 interface to a very simple link-layer protocol
40 over which several protocols, including SMB, were used. It could do reads and
41 writes to services on remote hosts, which were identified by case-insensitive
42 names, and discover all available hosts and services.
43 </para>
44
45 <para>
46 Dr. Barry Feigenbau, an IBM employee, invented the core of the original SMB protocol,
47 which he initially named after himself: ``BAF''. He later changed the name to
48 be ``SMB'' (for ``Server Message Block''). Every packet in the protocol
49 starts with a byte $0xFF$ and these three letters.
50 </para>
51
52 <para>
53 IBM, Microsoft, 3Com and Intel made up the rest of the initial protocol
54 together. The commands the protocol supported at this stage were basically
55 a mirror of the DOS File IO API calls, which meant the protocol wasn't very
56 efficient. The protocol also lacked authentication support. Everybody on the
57 network could do reads and writes, which meant this protocol
58 wasn't very suitable for large enterprises.
59 </para>
60
61 <para>
62 NetBIOS is an API that has had various implementations; there is
63 NetBIOS over TCP/IP (NBT), NetBIOS over IPX, NetBIOS over SNA and
64 even NetBIOS over DECNEt. Mostly used these days is
65 NetBIOS over TCP (NBT).
66 </para>
67
68 <para>
69 This is also were things are starting to get hairy. Since NetBIOS identifies
70 hosts by their name, NetBIOS clients had to start doing IP broadcasts to
71 figure out the IP of the host they had to connect to. Several schemes were
72 introduced to do name lookups crossing subnet boundaries, using name servers,
73 etc. We're basically emulating a NetBIOS LAN in order to be able to run SMB.
74 </para>
75
76 <para>
77 Doing NetBIOS over IP is not very sane, however, the NBT implementation itself
78 in Windows isn't very nice either. It has horrible
79 limits, special exceptions, several broken schemes for looking up
80 names (including two kinds of name servers). NetBIOS and NetBIOS over TCP/IP
81 are described in RFC1001 and RFC1002.
82 </para>
83 </sect2>
84
85 <sect2>
86 <title>The various incarnations of SMB</title>
87
88 <para>Over the years, several usage models for SMB have been developed. While SMB originally started out as a file sharing protocol, it was later extended to include support for network management and other network services
89 as well.</para>
90
91 <para>
92 One of the reasons for the various "upgrades" of the SMB
93 protocol is the fact that networks have become larger
94 and larger and with them the need for privilege separation
95 and scalability has increased.
96 </para>
97
98 <sect3>
99 <title>DOS</title>
100
101 <para>
102 The original model in which SMB was used was as a
103 simple file-sharing service in a NetBIOS-environment.
104 </para>
105
106 <para>
107 File sharing worked basically by specifying a list of directories that had
108 to be shared and what name they had to be shared under ("shares"). Eventually,
109 one could password-protect a share. At most one password per share could be set.
110 </para>
111 </sect3>
112
113 <sect3>
114 <title>Windows For Workgroups</title>
115
116 <para>
117 After the ``CORE'' dialect,
118 IBM and Microsoft implemented a new dialect known as ``LANMAN''.
119 This dialect was used by Windows for
120 Workgroups, OS/2 and Windows 9x which all know it under a different name. A
121 'virtual' file system was also added, which was used for doing remote function
122 calls (RAP, for ``Remote Administration Protocol'').
123 </para>
124
125 <para>
126 Computers are grouped into "Workgroups" in this model. Everybody is equal to
127 the others and there is no central point of control.
128 </para>
129 </sect3>
130
131 <sect3>
132 <title>Windows NT</title>
133 <para>
134 For Windows NT, yet another dialect was added, named 'NT'. The NT dialect
135 had it's own set of file I/O functions (similar to the NT File I/O API)
136 and it had support for yet another way of doing remote function calls:
137 DCE/RPC. RPC's are used for DCOM and several of the subsystems in NT
138 that can be accessed remotely (registry, printing, user management, logging
139 on, etc).
140 </para>
141
142 <para>
143 Windows NT works with a new concept for grouping computers called ``domains''<footnote>In the protocol, domains are actually an upgraded version of a workgroup</footnote>. Each computer is member of exactly one domain. There are several roles a computer can have in the domain: PDC (primary domain controller, the "manager" of the domain, that coordinates all authentication and authorization), BDC (Backup domain controller, in case the PDC goes down) or just a regular domain member. The PDC decides who is to be a member of the domain.
144 </para>
145 </sect3>
146
147 <sect3>
148 <title>Windows 2000</title>
149 <para>
150 In Windows NT 5 (marketing name: Windows 2000), NetBIOS-less SMB was
151 introduced. This means SMB is used directly over TCP port 445 instead of
152 via NetBIOS over TCP/IP. DNS
153 is used for looking up machine names.
154 </para>
155
156 <para>Windows 2000 was also the first operating system from Microsoft
157 that had support for Active Directory. Active Directory is very
158 similar to the "domain" concept used by NT4, though it
159 is implemented differently (using modified open protocols),
160 and has some additional features (one of the most important ones being decentralized).
161 </para>
162
163 <para>
164 Active directory no longer uses a central point of authority
165 and there are fewer limits to the size of a domain. Several
166 DC's can exist, so there is no longer a single point of
167 failure as well as better scalability.
168 </para>
169 </sect3>
170 </sect2>
171
172 <sect2>
173 <title>Samba versions and their support for the SMB models</title>
174
175 <sect3>
176 <title>Samba 2.2</title>
177
178 <para>Full CORE and Workgroup support. Somewhat basic
179 NT4-style support.</para>
180 </sect3>
181
182 <sect3>
183 <title>Samba 3.0</title>
184
185 <para>Full CORE and Workgroup support. Almost complete
186 NT4-style support.
187 </para>
188 </sect3>
189
190 <sect3>
191 <title>Samba 3.2</title>
192
193 <para>FIXME</para>
194 </sect3>
195
196 <sect3>
197 <title>Samba 4.0</title>
198
199 <para>Full CORE, Workgroup, NT4 and ADS support.</para>
200
201 </sect3>
202 </sect2>
203 </sect1>
204</chapter>
Note: See TracBrowser for help on using the repository browser.